[Test Proxy] Sanitizer updates (#35419)

This is a stop-gap to fix some regexes until we can rely on test-proxy
itself for sanitization.

Signed-off-by: Paul Van Eck <[email protected]>

Author: pvaneck

tools/azure-sdk-tools/devtools_testutils/azure_recorded_testcase.py

@@ -7,6 +7,7 @@
 import logging
 import os
 import os.path
+import re
 import six
 import sys
 import time
@@ -33,6 +34,11 @@
 
 def _sanitize_token(token, fake_token):
     add_general_string_sanitizer(value=fake_token, target=token)
+
+    # By this point, the token sig value should've been sanitized.
+    token = re.sub(r"(?<=sig=)[^&]*", SANITIZED, token)
+    add_general_string_sanitizer(value=fake_token, target=token)
+
     url_safe_token = token.replace("/", "%2F")
     add_general_string_sanitizer(value=fake_token, target=url_safe_token)
     async_token = token.replace("%3A", ":")

tools/azure-sdk-tools/devtools_testutils/proxy_startup.py

@@ -391,21 +391,22 @@ def set_common_sanitizers() -> None:
 
     # Body regex sanitizers for sensitive patterns in request/response bodies
     batch_sanitizers[Sanitizer.BODY_REGEX] = [
-        {"regex": "(client_id=)[^&]+", "value": "$1sanitized"},
-        {"regex": "(client_secret=)[^&]+", "value": "$1sanitized"},
-        {"regex": "(client_assertion=)[^&]+", "value": "$1sanitized"},
-        {"regex": "(?:[\\?&](sv|sig|se|srt|ss|sp)=)(?<secret>(([^&\\s]*)))", "value": SANITIZED},
+        {"regex": "(client_id=)(?<secret>[^&\\\"]+)", "group_for_replace": "secret", "value": SANITIZED},
+        {"regex": "client_secret=(?<secret>[^&\\\"]+)", "group_for_replace": "secret", "value": SANITIZED},
+        {"regex": "client_assertion=(?<secret>[^&\\\"]+)", "group_for_replace": "secret", "value": SANITIZED},
+        {"regex": "(?:[\\?&](sv|sig|se|srt|ss|st|sp)=)(?<secret>[^&\\\"\\s]*)",
+         "group_for_replace": "secret", "value": SANITIZED},
         {"regex": "refresh_token=(?<group>.*?)(?=&|$)", "group_for_replace": "group", "value": SANITIZED},
         {"regex": "access_token=(?<group>.*?)(?=&|$)", "group_for_replace": "group", "value": SANITIZED},
-        {"regex": "token=(?<token>[^\\u0026]+)($|\\u0026)", "group_for_replace": "token", "value": SANITIZED},
-        {"regex": "-----BEGIN PRIVATE KEY-----\\n(.+\\n)*-----END PRIVATE KEY-----\\n", "value": SANITIZED},
-        {"regex": "(?<=<UserDelegationKey>).*?(?:<SignedTid>)(.*)(?:</SignedTid>)", "value": SANITIZED},
-        {"regex": "(?<=<UserDelegationKey>).*?(?:<SignedOid>)(.*)(?:</SignedOid>)", "value": SANITIZED},
-        {"regex": "(?<=<UserDelegationKey>).*?(?:<Value>)(.*)(?:</Value>)", "value": SANITIZED},
-        {"regex": "(?:Password=)(.*?)(?:;)", "value": SANITIZED},
-        {"regex": "(?:User ID=)(.*?)(?:;)", "value": SANITIZED},
-        {"regex": "(?:<PrimaryKey>)(.*)(?:</PrimaryKey>)", "value": SANITIZED},
-        {"regex": "(?:<SecondaryKey>)(.*)(?:</SecondaryKey>)", "value": SANITIZED},
+        {"regex": "token=(?<token>[^&\\\"]+)($|&)", "group_for_replace": "token", "value": SANITIZED},
+        {"regex": "-----BEGIN PRIVATE KEY-----\\n(?<cert>.+\\n)*-----END PRIVATE KEY-----\\n", "group_for_replace": "cert", "value": SANITIZED},
+        {"regex": "(?<=<UserDelegationKey>).*?(?:<Value>)(?<group>.*)(?:</Value>)", "group_for_replace": "group", "value": SANITIZED},
+        {"regex": "(?<=<UserDelegationKey>).*?(?:<SignedTid>)(?<group>.*)(?:</SignedTid>)", "group_for_replace": "group", "value": SANITIZED},
+        {"regex": "(?<=<UserDelegationKey>).*?(?:<SignedOid>)(?<group>.*)(?:</SignedOid>)", "group_for_replace": "group", "value": SANITIZED},
+        {"regex": "(?:Password=)(?<pwd>.*?)(?:;)", "group_for_replace": "pwd", "value": SANITIZED},
+        {"regex": "(?:User ID=)(?<id>.*?)(?:;)", "group_for_replace": "id", "value": SANITIZED},
+        {"regex": "(?:<PrimaryKey>)(?<key>.*)(?:</PrimaryKey>)", "group_for_replace": "key", "value": SANITIZED},
+        {"regex": "(?:<SecondaryKey>)(?<key>.*)(?:</SecondaryKey>)", "group_for_replace": "key", "value": SANITIZED},
     ]
 
     # General regex sanitizers for sensitive patterns throughout interactions